GregSowell.com. Mikrotik Routing

Mikrotik Routing

Static Dynamic Routing To Be Discussed RIP Quick Discussion OSPF BGP

What is Routing Wikipedia has a very lengthy explanation http://en.wikipedia.org/wiki/routing In the context of this class routing is path selection. Which path should I, as the router, send this traffic.

What is a Routing Table A routing table is a list of networks, and the next hop information to reach those networks. A router only cares about its next hop. Routes can be entered statically or be added dynamically with a routing protocol (this differs from a routed protocol, such as IP or IPX).

Hot Potato Routing Imagine a line of children playing hot potato and you are in the middle. Boys on the left and girls on the right. When the potato comes toward you destined for the girls, you throw it to the right. You don t care which order in the line Janet is, you just know that the girls are to the right, so you send it that direction. If you don t have a direct route for the potato (the kid is named Pat), but you do have a default gateway to send the potato to in unknown situations, you will throw the potato at that neighbor. If you don t know the route to the destination and you have no default gateway, you will throw that potato in the trashcan at your feet.

How to View the Routing Table IP -> Routes For every IP address you assign to the router (given the interface is up), it creates a route in the routing table.

Static Routing Adding routes manually is called static routing. This is done via IP -> Routes. Destination is the subnet you wish to route to. Gateway is the next hop router to get there. Even if the subnet is multiple routers away, we only specify the next hop router. Gateway Interface will be auto chosen if no selection is made. Check Gateway offers the option to either ping or ensure that the MAC address is in the ARP table. If the gateway is deemed unreachable, the route becomes invalid. Distance is the administrative distance. If you have multiple routes to the same destination network, the route with the lowest distance will be used. Static defaults 1 EBGP defaults 20 OSPF defaults 110 IBGP defaults 200 Routing mark will create this route in a separate routing table.

Default Gateway A default gateway, or sometimes called a gateway of last resort, is a route, static or dynamic, that provides a route to send traffic when nothing more specific exists in the route table. 0.0.0.0/0 is the destination of a default gateway.

Static Routing Tables MTK1 MTK2 MTK3 MTK4

Floating Static Route Floating static routes are generally used for route failover. The principle is that you use two routes to the same destination and have one with a higher administrative distance. The route with the lower distance will be used unless it becomes ineligible. Ineligible due to interface failure. Ineligible due to remote host unreachable (Check Gateway).

RIP Routing Information Protocol. The first IGP Interior Gateway Protocol. Uses UDP port 520. Metric This is a distance vector protocol (hop count). 15 hops max, 16 is unreachable. Uses no hello interval. Sends ALL routes every update interval. Update interval is 30 seconds. RIPv1 sends to broadcast(255.255.255.255). RIPv2 sends to multicast(204.0.0.9). RIP sends triggered updates when routes change. Allows installing 1-6 equal metric routes (default is 4). Allows plain-text or MD5 authentication. RIPv2 allows VLSM (Variable Length Subnet Mask). V2 sends subnet with routing updates. By default it doesn t allow discontigious subnets due to auto summarization. You can disable auto sum (Cisco). Convergence can take up to 4 minutes in a moderately sized network. Last point, don t use RIP unless you must.

OSPF Open Shortest Path First Link State Protocol. Link state refers to the fact that the topology information includes information about each data link, along with each link s current operational state. All the topological info makes up the LSDB (Link State Database). Uses the Dijkstra algorithm to calculate the best route to each subnet. Supports VLSM/CIDR/Discontigous networks. Routing -> OSPF

OSPF Router ID The OSPF process must first choose a router ID. Setting the RID manually in the instance (in V3.X this was set in the process itself). If the RID isn t set manually, then the lowest IP address configured on an active interface is used (Cisco uses Highest IP address). I always recommend manually setting the ID.

OSPF Messages Hello Discovers neighbors, brings neighbor relationship to 2-way state, and checks neighbor status. DBD or DD (Database Description) Exchange light versions of each LSA on initial topology exchange. Helps determine which LSAs the router should request of its neighbors. LSR (Link-state Request) Specifies one or more LSAs which the sending router would like full details on. LSU (Link-state Update) Contains fully detailed LSA as requested by an LSR. LSAck (Link-state Acknowledgement) Confirms receipt of an LSU. LSAs are not OSPF messages, rather they are used inside LSU messages to exchange information.

OSPF Neighbors When a link comes up and routers exchange hellos they are in a two-way state. Hellos are sent to 224.0.0.5 All OSPF routers multicast address. Once hellos are exchanged, the following parameter checks are made: Must pass authentication Same primary subnet (Cisco) Same OSPF area Same area type Can t have duplicate RIDs Hello and Dead timers must be the same *Though not technically part of the Hello process, the MTU must be the same for DBDs to exchange* Hello interval is 10 seconds on standard ethernet interfaces. The dead timer defaults to 4 times the hello interval.

OSPF Info Exchange Hellos are exchanged. If all parameters match, then the neighbors reach the two-way state. If neighbors continue they enter the ExStart phase. The router with the higher RID becomes the master and initiates the DBD exchange. DBDs are sequenced and acknowledged by the neighbor sending the exact same DBD back. The neighbors now have lists of routes known by the neighbor. The neighbors send LSR packets to request full LSAs for the needed routes. The neighbor will respond with LSUs that contain this information. LSUs can be acknowledged either by sending the same LSU back or by sending an LSAck Once all necessary routes have been exchanged, the routers settle into the full state. The routers will have identical LSDBs for the shared area. Your router will now run the SPF algorithm to calculate the best routes.

OSPF Designated Router The DR process optimizes route flooding on multiaccess networks. The DR also creates type 2 LSAs. DR election takes place after routers become neighbors, but before the DBDs are exchanged. If the hello message contain a DR of 0.0.0.0, then the router waits the ospf wait time. This gives other routes still powering up an opportunity to participate in the election. If the hello message contains a DR, then this value is accepted as the DR. Higher priority gives the router a better chance to be elected. A priority of 0 ensures that a router won t attempt to become a DR. If priorities tie in the election process the higher RID wins. A BDR is also elected. This is a backup in the event that the DR fails. On the multiaccess link, routers will form full adjacencies with the DR and BDR. The neighbors that are neither DRs or BDRs (known as DRothers) will settle into a two-way state. Neighbors will send updates to 224.0.0.6 (all DR routers). LSAs will be sent to the DR and BDR. The DR will then relay the routes to the other neighbors.

OSPF Design ABR (Area Border Router) An OSPF router that has two areas configured on it. ASBR (Autonomous System Boundary Router) Any OSPF router that injects external routes into the OSPF process. Using Multiple Areas Smaller LSDBs require less memory Quicker SPF calculations due to fewer entries in the LSDB A failure in a remote area only causes a partial recalculation on other areas Routes can be summarized only at area borders Type 1 and 2 messages are suppressed. Type 3 summary LSAs alone are passed

OSPF LSA Types Link State Advertisements are OSPF s method of sharing routing information. Type 1 Router One per router: lists RID and all interface IP addresses. Type 2 Network One per transit network. Created by DR and represents subnet and router interfaces on subnet. Type 3 Net Summary ABRs create to take place of type 1 & 2 LSAs when being advertised into another area. Contains links in the original area and cost but no topology information. When type 1/2 routes change in an area, adjacent areas perform only a partial SPF or partial calculation. Type 4 ASBR Summary Advertises a host route used to reach an ASBR. Created by ABRs. Type 5 AS External Created by ASBRs for external routes injected into OSPF. Type 7 NSSA External Created by ASBR in an NSSA area to take place of type 5 LSAs.

OSPF Areas Areas can be expressed either in decimal format or dotted format (X.X.X.X). Every area must connect with area 0. Area 0 is also known as the backbone area. Summarization happens at area borders.

OSPF Area Types Areas have 3 types: Standard Area Stubby Area Not So Stubby Area (NSSA) Stubby/NSSA areas block type 5 advertisements inward. They instead inject a default route. Stubby blocks 5s and allows no ASBRs inside the area. NSSA blocks 5s and allows ASBRs inside their area to create type 7s within the area. Once these type 7s hit an ABR, they are turned into type 5s for advertisement into the backbone area.

OSPF Path Selection Take the shortest path to area 0. Take the shortest path across area 0 without traversing a nonbackbone area. Take the shortest path to the destination without traversing area 0. OSPF is really link state inside areas and distance vector between areas. OSPF doesn t necessarily use the least cost path to area 0. It is possible to have equal paths that are different route types (intraarea, inter-area, E1 or E2). In these cases, cost is ignored and instead the following order is considered: Intra-area Inter-area E1 E2

OSPF Path Loop Avoidance ABRs ignore LSAs created by other ABRs when they are learned through a nonbackbone area. In the example to the right, MTK1 is advertising subnet A into area 0. This subnet is then advertised into area 2. MTK2 and MTK3 accept the route from MTK1. As you can see, MTK2 and 3 are connected together in area 2 and thus ignore the LSA from each other regarding subnet A. So even though MTK2 s least cost path would be via MTK3 then MTK1, that route isn t available. It isn t available because MTK2 will ignore LSAs from MTK3 that were generated by nonbackbone area.

OSPF Diagram Single Area

MTK1 Routing => OSPF Set the router ID to that of the bridge10 IP (our loopback interface). Redistribute Default Always. Add the 10.0.0.0/8 interfaces into the OSPF process.

MTK1 OSPF Routes/LSAs

MTK2 Set router ID to that of bridge10. Set ether3 to passive to prevent the possibility of rogue adjacencies. Add all interfaces into the OSPF process.

MTK2 OSPF Routes/LSAs

OSPF Multiple Areas

MTK1 Routing => OSPF Set the router ID to that of the bridge10 IP (our loopback interface). Redistribute Default Always. Add the 10.0.0.0/8 interfaces into the OSPF process.

MTK1 LSAs/Routes Notice the summary LSAs coming from other areas. These are your type 3 LSAs. Our type 3s are listed as inter area since they are sourced from another area.

MTK2 Create area 2. Set a network range that encompasses our 192.168.2.0/24 addressing into area2. Ether3 is a member of area2.

MTK2 LSAs Area 2 has the summaries (type 3s). Area 0 shows the summary from alternate areas.

Full Duplex Links Via OSPF

MTK1/3 Full Duplex OSPF MTK1 MTK3

BGP Border Gateway Protocol Uses path attributes (PAs) instead of metrics to select best route. Autonomous system path (AS_PATH) is the default metric. Path vector logic uses AS paths to determine which ASs to hop through to reach destination. Uses TCP port 179 to establish neighbor relationships. Default Keepalive timer is 60 seconds and default hold timer is 180 seconds. ibgp neighbor is an internal neighbor (has the same AS number). ebgp neighbor is an external neighbor (has a different AS number).

ibgp Internal neighbors are all part of the same AS. Administrative distance is 200, higher than that of ebgp. IBGP neighbors generally peer via loopback interfaces to achieve higher availability. ibgp neighbors are assumed to be FULLY meshed (all ibgp neighbors should be peered with one another). This doesn t necessarily mean they need to be physically connected, but they should be peered via BGP. A function of ibgp is that an ibgp neighbors won t advertise internal routes learned from one I neighbor to another they assume that those neighbors are already peered. *The exception to this would be a route reflector client.* ibgp routes learned keep the advertiser s next hop attribute intact by default, but can be overridden with the next hop self attribute. Advertises to ibgp peers only the best path.

ebgp External neighbors are those from different ASs. Administrative distance is 20, lower than ibgp. IBGP neighbors generally peer via the connecting interfaces IP addresses. External neighbors are assumed to be directly connected so the TTL is set to 255 in the packets, which affords the messages only a single hop. You can override this behavior with the multihop attribute (used when peering with loopback interfaces or distant external routers). ebgp routes learned assume the next hop of the address of the advertising peer. That next hop will be propagated throughout the adjacent ibgp infrastructure. This can be overridden with the next hop propagate option. Care should be taken with ebgp neighbors to prevent yourself from becoming a transit point. You should setup filters to only send out the specific routes you want going out. You should also setup filters to block any routes you don t want entering your infrastructure. If you have customers peering with you via BGP you should also take care that you only accept and advertise out ASs that you specifically explicitly allow.

Building the Route Table via BGP ebgp has an AD of 20 as compared to ibgp with its AD of 200. An ebgp route will be installed before an equal length ibgp route. A BGP next hop must be reachable via the route table for a route to be installed into the route table. BGP exchanges NLRI (network layer reachability information), not routes, so all your local routes (point to point information) must be installed in the route table via an IGP or static routes. Since routes learned internally don t change next hop, your router must have that router s subnet in it s route table otherwise the BGP route will be considered invalid. Routes can be added via the network command or via redistribution. Addresses can be summarized via aggregation.

Route Reflection ibgp neighbors are considered to be fully meshed, or all peered with each other. They don t have to be physically cabled to each other, but peered. To get around this rule, you can setup stub routers, as in they are at the end of the network and only have a single outlet or redundant outlets, as RR Clients. This will allow the RR Server to advertise all routes, be it internal or external, to the RR Client. The RR Server will also be allowed to advertise all routes learned from the RR Client to other ibgp neighbors.

BGP Example

MTK6 Update default instance with proper AS. Redistributing Static. Add peer to MTK1. Creating a static entry to null for 8.8.8.80/24.

Change BGP Instance MTK1 ibgp peer using loopbacks ebgp peer with out Add networks to advertise. No Sync option doesn t require the route to exist in the route table. filter set. Setup route filter for our internet peer ebgp routes have distance of 20

MTK2 Set default instance AS. Set peer address to loopback IP and change update source. Routes learned via ibgp have a distance of 200.

MTK3 Set default AS to 2. Setup peer with MTK1/2. MTK4 is a Route Reflector Client, so add the RR checkbox.

MTK4 Set default instance AS. Set peer address to loopback IP and change update source. The MTK4 RR Client has no idea that he is a RR client, and therefore configures like a standard peer.

Resources Awesome Site http://gregsowell.com Mikrotik Video Tutorials - http://gregsowell.com/?page_id=304 Mikrotik Support Docshttp://www.mikrotik.com/testdocs/ros/3.0/ CactiEZ - http://cactiez.cactiusers.org/download/ Cacti Video Tutorials - http://gregsowell.com/?page_id=86 Great Consultant ;)- http://gregsowell.com/?page_id=245